Simple optimization of Linux services

hardware optimization

• Processor: number of cores, main frequency, process technology, number of threads, cache, etc.

Number of cores: 1, 2, 4, 6, 8, 12, 24, 32, etc.
Main frequency: 2.0GHz, 2.3GHz, etc.
Process technology: 22nm, 14nm, 10nm, etc.
Number of threads: 1, 2
Cache: L1, L2 , L3 suggestion: Try to choose a processor
with more cores, higher main frequency, newer process technology, support for hyper-threading, larger cache capacity, and about half a year since the market .

• Memory: capacity, frequency, algebra

Capacity: 1G, 2G, 4G, 8G, 16G, 32G
Frequency: 1600, 1866, 2133, 2400MHz, etc.
Algebra: 1, 2, 3, 4 Generation
Suggestion: Try to choose a single memory with a capacity of 16G or 32G DDR4 2133MHz and above strip.

• Hard disk: type, rotation speed, interface type, RAID

Type: mechanical and SSD solid-state
speed: 5400, 7200, 10000, 15000 rpm (mechanical hard disk)
interface type: SATA, SAS, PCI-E
RAID: 0, 1, 5, 6, 10, 50, 60
Suggestions: try to Choose SSDs that support PCI-E, especially for databases and search engines.

• Network card: speed, interface type

Speed: 10Mbps, 100Mbps, 1Gbps, 4Gbps, 10Gbps
Interface type: Ethernet, optical fiber, etc.
Suggestion: The default 1Gbps Ethernet card provided by most servers is sufficient.
If a server that needs a large amount of data and high concurrent access encounters a situation where the network traffic peak is full, you can switch to a fiber interface network card that supports 4Gbps or 10Gbps.

Other suggestions:
Generally, the integrated graphics card of the server is enough, unless there are special needs such as a large amount of video image processing or heterogeneous computing.

OS optimization

• System services: Close unused services to improve performance and security.

grep -q '7.' /etc/redhat-release
if [ $? -ne 0 ]; then
    Services=$(chkconfig --list | grep '0' | awk '{print $1}' | grep -Ev 'sshd|network|crond|syslog|ntpd')
    for Service in $Services
    do
        service $Service stop
        chkconfig --level 0123456 $Service off
    done
else
    Services=(atd avahi-daemon cups dmraid-activation firewalld irqbalance kdump mdmonitor postfix)
    for Service in ${Services[*]}
    do
        systemctl disable ${Service}
        systemctl stop ${Service}
    done
    systemctl enable rc-local
fi

• Kernel parameters:

cat >> /etc/sysctl.conf << EOF
vm.swappiness = 0
vm.overcommit_memory = 1
net.core.rmem_default = 262144
net.core.rmem_max = 16777216
net.core.wmem_default = 262144
net.core.wmem_max = 16777216
net.core.somaxconn = 60000
net.core.netdev_max_backlog = 60000
net.ipv4.tcp_max_orphans = 60000
net.ipv4.tcp_orphan_retries = 3
net.ipv4.tcp_max_syn_backlog = 60000
net.ipv4.tcp_max_tw_buckets = 10000
net.ipv4.ip_local_port_range = 1024 65500
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_mem = 786432 1048576 1572864
fs.aio-max-nr = 1048576
fs.file-max = 6815744
kernel.sem = 250 32000 100 10000
kernel.pid_max = 65536
fs.inotify.max_user_watches = 1048576
kernel.kptr_restrict = 1
kernel.ctrl-alt-del = 1
EOF
sysctl -p

• Increase the limit on the number of open files and open processes in the system, and reduce the limit on the default stack space:

cat >> /etc/security/limits.conf << EOF
* - nofile 1048576
* - nproc  65536
* - stack  1024
EOF

• Increase the limit on the number of shell open files and open processes, and reduce the limit on the default stack space:

cat >> /etc/profile << EOF
ulimit -n 1048576
ulimit -u 65536
ulimit -s 1024
EOF

service optimization

• Configuration:

1. Try to enable caching and buffering, such as: Nginx's fastcgi_cache, open_file_cache, PHP's opcache, MySQL's innodb buffer, etc.
2. Unlock resource restrictions, such as: increase the number of open files, increase the number of service worker processes, CPU binding, etc.
3. Reduce disk and network IO, such as: use batch read and write data, replace the disk with the tmpfs file system, turn off the log, enable the keepalive attribute of the http service, gzip compression, etc.

• code:

1. Directly modify the source code of the application service itself or use a third-party application, such as: Tengine instead of Nginx, MairaDB instead of MySQL.
2. Use performance analysis and debugging tools, such as: xdebug, xhprof to analyze business PHP code, slow log and explain tools to analyze SQL statements, etc.

• Compile:

1. Add optimization parameters, such as: gcc compilation optimization level -Oparameters.
2. Remove redundant modules, such as the pop3 module that is rarely used by Nginx.
3. With the help of other acceleration modules or patches, such as the memory allocation library tcmalloc produced by Google, and the Nginx patch Concat produced by Alibaba for merging static files.

Architecture optimization

• Domain name resolution load balancing: A single domain name is resolved into multiple IP addresses, and user requests are distributed to different computer rooms.
  Advantages: Simple, easy to maintain, suitable for website mirroring.
  Disadvantages: uneven distribution of requests, domain name resolution cache affects high availability.

• Dynamic and static separation: Separate static files such as pictures, videos, js, css, etc., to reduce the interaction between dynamic requests and static request servers.
  Advantages: The server function is simpler, and troubleshooting is easier.
  Disadvantages: The cost of manpower and material resources in the early stage of development is high.

• CDN: Deploy static resources to a network closer to the user, reducing the network transmission time of user requests.
  Advantages: Greatly improve the speed of users' access to static resources.
  Disadvantages: It involves a complex domestic environment, and the management and maintenance costs are relatively high.

• Load balancing: distribute requests to backend servers.
  Advantages: Greatly improves the performance and scalability of the back-end server cluster.
  Cons: Hardware load balancing is too expensive.

• Distributed content cache: save data that is not frequently modified in the database to the content cache server.
  Advantages: It can greatly reduce the read pressure of the database.
  Disadvantages: It is necessary to solve the data consistency problem of data cache invalidation and database update, including the headache of avalanche effect.

• Message queue: not only can be used as a message server, but also can convert a large number of resource-consuming operations into sequential asynchronous operations.
  Advantages: Reduce instantaneous high concurrent requests and server and database load.
  Disadvantages: The high-availability implementation of message queues is more complicated and difficult to maintain.

• Database agent: Send different SQL to different databases according to the set rules, and then return aggregated data.
  Advantages: It reduces the logical complexity of reading and writing the database in the business code layer, and improves the scalability of the database cluster.
  Disadvantages: The database proxy software needs to re-implement the parsing of SQL statements, and also needs to support sub-database and sub-table, which affects performance and maintenance.

Summarize

Website performance is often a database bottleneck.
The database consumes CPU, memory, and IO. The simplest way to optimize the architecture is to minimize the read and write operations of the database.
The practice of most companies is to keep the request as far as possible in the server response before the database, the earlier the better.
Part of the dynamic content can be converted into static content to further reduce the reading pressure on the dynamic language server and database.
It is also possible to convert a part of read and write database requests into a message queue to implement batch operations.
Expand the performance of the database cluster through sub-database sub-table partition and database agent.
Of course, the optimization of SQL statements needs to be persisted.
If other services encounter insufficient performance, they can directly expand the cluster size by pre-installing LVS, Haproxy, Nginx+TCP modules and other methods.

cache:

Architecture: